# # CONFIGURATION FOR AFPD # # Each line defines a virtual server that should be available. # Empty lines and lines beginning with `#' are ignored. # Options in this file will override both compiled-in defaults # and command line options. # # Format: # - [options] to specify options for the default server # "Server name" [options] to specify an additional server # # The following options are available: # Transport Protocols: # -[no]tcp Make AFP-over-TCP [not] available # -[no]ddp Make AFP over AppleTalk [not] available. if you # have -proxy specified, specify -uamlist "" to # prevent ddp connections from working. # # -transall Make both available (default) # # Transport Options: # -ipaddr Specifies the IP address the server should respond # to (default is the first IP address of the system) # This option also allows one machine to advertise # TCP/IP for another machine. # -server_quantum # Specifies the DSI server quantum. The minimum # value is 1MB. The max value is 0xFFFFFFFF. If you # specify a value that is out of range, you'll get # the default value (currently the minimum). # -admingroup # Specifies the group of administrators who should all # be seen as the superuser when they log in. Default # is disabled. # -ddpaddr x.y Specifies the DDP address of the server. the # default is to auto-assign an address # (0.0). this is only useful if you're running # on a multihomed host. # -port Specifies the TCP port the server should respond # to (default is 548) # -fqdn specify a fully-qualified domain name (+ # optional port). this gets discarded if the # server can't resolve it. this is not honored # by appleshare clients <= 3.8.3 (default: none) # -proxy Run an AppleTalk proxy server for specified AFP/TCP # server (if address/port aren't given, then # first IP address of the system/548 will be used). # if you don't want the proxy server to act as # a ddp server as well, set -uamlist to an # empty string. # -noslp Don't register this server with the Service # Location Protocol. # # # Authentication Methods: # -uampath Use this path to look for User Authentication Modules. # (default: /usr/pkg/libexec/netatalk/uams) # -uamlist Comma-separated list of UAMs. (default: # uams_guest.so,uams_clrtxt.so,uams_dhx.so) # # some commonly available UAMs: # uams_guest.so: Allow guest logins # # uams_clrtxt.so: (uams_pam.so or uams_passwd.so) # Allow logins with passwords # transmitted in the clear. # # uams_randnum.so: Allow Random Number and Two-Way # Random Number exchange for # authentication. # # uams_dhx.so: (uams_dhx_pam.so or uams_dhx_passwd.so) # Allow Diffie-Hellman eXchange # (DHX) for authentication. # # Password Options: # -[no]savepassword [Don't] Allow clients to save password locally # -passwdfile Use this path to store Randnum # passwords. (Default: /usr/pkg/etc/netatalk/afppasswd. The only # other useful value is ~/.passwd. See 'man afppasswd' # for details.) # -passwdminlen <#> minimum password length. may be ignored. # -[no]setpassword [Don't] Allow clients to change their passwords. # -loginmaxfail <#> maximum number of failed logins. this may be # ignored if the uam can't handle it. # # AppleVolumes files: # -defaultvol Specifies path to AppleVolumes.default file # (default /usr/pkg/etc/netatalk/AppleVolumes.default, # same as -f on command line) # -systemvol Specifies path to AppleVolumes.system file # (default /usr/pkg/etc/netatalk/AppleVolumes.system, # same as -s on command line) # -[no]uservolfirst [Don't] read the user's ~/AppleVolumes or # ~/.AppleVolumes before reading # /usr/pkg/etc/netatalk/AppleVolumes.default # (same as -u on command line) # -[no]uservol [Don't] Read the user's volume file # # -nlspath Prepend this path to each code page filename # in volume options (default: /usr/pkg/share/netatalk/nls). # # Miscellaneous: # -authprintdir Specifies the path to be used (per server) to # store the files required to do CAP-style # print authentication which papd will examine # to determine if a print job should be allowed. # These files are created at login and if they # are to be properly removed, this directory # probably needs to be umode 1777 # -guestname "user" Specifies the user name for the guest login # (default "nobody", same as -g on command line) # -loginmesg "Message" Client will display "Message" upon logging in # (no default, same as -l "Message" on commandline) # -nodebug Switch off debugging # -client_polling With this switch enabled, afpd won't advertise # that it is capable of server notifications, so that # connected clients poll the server every 10 seconds # to detect changes in opened server windows. # Note: Depending on the number of simultaneously # connected clients and the network's speed, this can # lead to a significant higher load on your network! # -tickleval Specify the tickle timeout interval (in seconds). # Note, this defaults to 30 seconds, and really # shouldn't be changed. If you want to control # the server idle timeout, use the -timeout option. # -timeout Specify the number of tickles to send before # timing out a connection. The default is 4, therefore # a connection will timeout in 2 minutes. # -icon Use the platform-specific icon. # -[un]setuplog " []" # Specify that the given loglevel should be applied # to log messages of the given logtype and that # these messages should be logged to the given file. # If the filename is ommited the loglevel applies to # messages passed to syslog. # Each logtype may have a loglevel applied to syslog # and a loglevel applied to a single file. Latter # -setuplog settings will override earlier ones of # the same logtype (file or syslog). # logtypes: Default, Core, Logger, CNID, AFPDaemon # loglevels: LOG_SEVERE, LOG_ERROR, LOG_WARN, LOG_NOTE, # LOG_INFO, LOG_DEBUG, LOG_DEBUG6, LOG_DEBUG7, # LOG_DEBUG8, LOG_DEBUG9, LOG_MAXDEBUG # # for example: # -setuplog "logger log_maxdebug /var/log/netatalk-logger.log" # -setuplog "afpdaemon log_maxdebug /var/log/netatalk-afp.log" # -unsetuplog "default level file" # -setuplog "default log_maxdebug" # # Some examples: # # The simplest case is to not have an afpd.conf. # # 4 servers w/ names server1-3 and one w/ the hostname. servers # 1-3 get routed to different ports with server 3 being bound # specifically to address 192.168.1.3 # - # server1 -port 12000 # server2 -port 12001 # server3 -port 12002 -ipaddr 192.168.1.3 # # a dedicated guest server, a user server, and a special # ddp-only server: # "Guest Volume" -uamlist uams_guest.so -loginmesg "Welcome guest!" # "User Volume" -uamlist uams_clrtxt.so -port 12000 # "special" -notcp -defaultvol -systemvol # # default: # - -transall -uamlist uams_clrtxt.so,uams_dhx.so -nosavepassword